<?php
  require_once("include/fns.inc");
  if ($_GET['logout']==1) {
    unset($_SESSION['valid_login']);
  }
  if ($UserName && $UserPassword) {
    // if the user has just tried to log in
    $link = connect_to_db('', 'admin_xbq', 'nihao', 'test');
    $sql =  'SELECT * FROM `user` WHERE login = \''.$UserName.'\' AND PASSWORD = \''.$UserPassword.'\';';
    $result = mysql_query($sql) or die('Query failed2: ' . mysql_error());
    if (mysql_num_rows($result) > 0) {
      // if they are in the database register the user id
      $_SESSION['valid_login'] = $UserName;
      $line = mysql_fetch_array($result, MYSQL_ASSOC);
      $_SESSION['type'] = $line['user_type'];
      $_SESSION['user_id'] = $line['user_ID'];
    }
    mysql_free_result($result);
    mysql_close($link);
  }

  echo "<span align=\"center\" style=\"position:relative; top:50px;\">";
  echo "<table width=\"180\">";
  if ($_SESSION['valid_login']) {
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\">You are logged in as: ".$_SESSION['valid_login']."</td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\">";
    echo "<a href=\"";
    switch ($_SESSION['type']) {
      case 't': echo "/dpl/teacher.php";break;
      case 's': echo "/dpl/director.php";break;
      case 'd': echo "/dpl/head.php";break;
      case 'a': echo "/dpl/show_depart.php";break;
      case 'r': echo "/dpl/rector.php";break;
    }
    echo "\">Go to my page.</a>";
    echo "</td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\">";
    echo "<a href=\"".$_SERVER['PHP_SELF']."?logout=1\">Sign out</a>";
    echo "</td>";
    echo "</tr>";
  }
  else {
    echo "<form action=\"".$_SERVER['PHP_SELF']."\" name=\"inf\" Method=\"post\">";
    if ($UserName) {
      echo "<tr class=\"style3\">";
      echo "<td class=\"style3\">Your password is not right</td>";
      echo "</tr>";
      echo "<tr class=\"style3\">";
      echo "<td class=\"style3\">Try again!</td>";
      echo "</tr>";
    }
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\">Enter your user name:</td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\"><input type=\"text\" name=\"UserName\"></td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\">Enter your password:</td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\"><input type=\"password\" name=\"UserPassword\"></td>";
    echo "</tr>";
    echo "<tr class=\"style3\">";
    echo "<td class=\"style3\"><input type=submit width=\"100\" value=\"OK\"></td>";
    echo "</tr>";
    echo "</form>";
  }
  echo "</table>";
  echo "</span>";
?>
